Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
File: 3baab427-eefb-4e67-b18e-83fac7ff77ea.roa (raw, json)
Hash identifier: yxQsqNmWMAGjSphax0T4Wp2FU7X0L84IOKUhSqXj0o4=
Subject key identifier: 30:04:EC:FD:33:7D:DF:18:E0:06:3E:32:59:49:5D:C9:A4:64:76:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DBF3CA7583530B40121B9DAD469D9ECF3564063
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:bf:3c:a7:58:35:30:b4:01:21:b9:da:d4:69:d9:ec:f3:56:40:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4f:b4:e6:1f:a6:7d:6f:ec:bc:25:80:86:6b:
a8:e1:e9:19:a7:dd:19:7c:ec:9a:9e:14:c3:83:9c:
9b:fa:00:ac:50:ad:25:35:f1:68:8b:e2:e0:f3:21:
3c:ae:78:54:93:96:65:31:65:35:9f:47:b7:56:22:
79:3e:97:4a:8f:63:e0:80:71:b6:0a:55:57:9b:19:
cf:b1:da:eb:22:d4:fd:ee:14:c2:f0:04:14:d4:e6:
6e:9b:d2:64:f7:67:af:51:e0:f7:a8:bb:3b:b3:db:
ec:ea:9b:7b:fa:9b:18:b0:2c:3b:22:ce:d6:14:2e:
41:77:9b:b4:c7:b3:7a:19:aa:fe:93:dd:8e:01:2e:
54:90:ca:a4:40:de:73:33:b3:02:cb:26:51:51:b4:
c8:1d:e0:85:b5:3b:d7:40:68:56:73:28:88:d6:38:
cf:dc:16:42:52:5f:6b:0c:20:ef:4e:36:58:5e:7f:
bc:bb:1c:05:14:b3:28:1c:f7:0f:8a:1d:2b:37:70:
98:5c:f8:25:d6:86:63:6a:6e:dd:0f:d3:5f:0a:2b:
ca:9f:a3:d3:d1:41:1a:f1:dd:3a:ca:de:0b:a9:0d:
76:f4:28:17:de:ea:67:d0:fe:8e:82:c4:3b:73:e8:
a8:48:72:a1:68:50:4d:ed:16:63:9c:57:2c:3b:e9:
88:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:04:EC:FD:33:7D:DF:18:E0:06:3E:32:59:49:5D:C9:A4:64:76:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1d:10:58:9e:2c:13:60:b7:c7:eb:58:be:14:5f:2d:c9:1e:7d:
cc:6a:a5:85:b5:b4:59:8c:2e:75:62:ec:9f:b7:72:3a:5c:91:
f1:b4:a8:3a:d5:c0:e6:e8:9f:5a:56:86:11:59:6f:c0:3e:99:
7d:1d:e4:e9:a2:3b:55:e4:78:f3:c1:82:68:a5:8b:eb:cc:69:
63:7b:a4:7b:09:32:e3:01:2c:d5:6e:3a:38:25:82:cd:94:0e:
5e:1f:fe:5d:da:10:ad:be:1c:d0:7a:6f:b8:36:57:88:54:f6:
55:52:bf:88:76:54:b4:24:9d:7b:08:dd:97:86:59:76:35:31:
a6:29:9c:11:ca:3e:ee:e2:f2:67:57:16:6a:59:1f:d5:d5:65:
40:cd:d9:e7:1a:01:2a:c6:cc:49:72:26:38:15:82:7e:7a:66:
8f:e9:ba:81:7f:de:b7:44:69:d0:48:46:f5:5e:77:5b:3a:98:
26:2f:f6:7f:2f:b8:97:f6:2e:ab:12:a0:9a:d7:e3:ca:f4:64:
31:ff:68:a0:aa:17:bf:fd:52:fc:44:3d:dd:6f:a1:7a:6f:8c:
3f:21:4e:68:06:d7:d2:73:14:91:53:1b:dd:d7:53:51:26:d4:
c6:16:38:29:8c:ad:c4:fb:a7:86:01:a2:e9:11:21:72:db:c7:
b1:20:93:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPb88p1g1MLQBIbna1GnZ7PNWQGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjYTg5Mzk2NGVmNTNmOWE0MGQxM2NjZDA5YmRhMDJjZGYxNTZhZGE1Yzlk
ZWMxYzYxY2JkM2Q1NWI0MzMzMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1PtOYfpn1v7LwlgIZrqOHpGafdGXzsmp4Uw4Ocm/oArFCtJTXxaIvi4PMh
PK54VJOWZTFlNZ9Ht1YieT6XSo9j4IBxtgpVV5sZz7Ha6yLU/e4UwvAEFNTmbpvS
ZPdnr1Hg96i7O7Pb7Oqbe/qbGLAsOyLO1hQuQXebtMezehmq/pPdjgEuVJDKpEDe
czOzAssmUVG0yB3ghbU710BoVnMoiNY4z9wWQlJfawwg7042WF5/vLscBRSzKBz3
D4odKzdwmFz4JdaGY2pu3Q/TXworyp+j09FBGvHdOsreC6kNdvQoF97qZ9D+joLE
O3PoqEhyoWhQTe0WY5xXLDvpiFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwBOz9
M33fGOAGPjJZSV3JpGR2qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JhYWI0MjctZWVmYi00ZTY3LWIxOGUtODNmYWM3ZmY3N2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdEFieLBNgt8frWL4UXy3JHn3MaqWFtbRZjC51
Yuyft3I6XJHxtKg61cDm6J9aVoYRWW/APpl9HeTpojtV5HjzwYJopYvrzGlje6R7
CTLjASzVbjo4JYLNlA5eH/5d2hCtvhzQem+4NleIVPZVUr+IdlS0JJ17CN2Xhll2
NTGmKZwRyj7u4vJnVxZqWR/V1WVAzdnnGgEqxsxJciY4FYJ+emaP6bqBf963RGnQ
SEb1XndbOpgmL/Z/L7iX9i6rEqCa1+PK9GQx/2igqhe//VL8RD3db6F6b4w/IU5o
BtfScxSRUxvd11NRJtTGFjgpjK3E+6eGAaLpESFy28exIJPQ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:31 2025 by rpki-client